Working over the past few years in close conjunction with the MPI-SWS spinoff Aircloak, we have developed what we believe is a breakthrough in the anonymity X utility "product".  Our system, dubbed the "Cloak", may be installed in front of any existing SQL database (unmodified), with negligible configuration.  Untrusted analysts may submit an unlimited number of SQL queries to the database through the Cloak with, so far as we know, virtually no possibility of inferring individual user information from the answers.  The noise added by the Cloak is minimal: Gaussian with a typical standard deviation of 2 for counting queries. The SQL queries may be composed of the "aggregate subset" of SQL, which includes most standard math, string, datetime, and aggregate functions, as well as custom functions.  This talk will describe cloak operation, present a case study based on a real medical database, and give an overview of the anonymization mechanisms.